Fortinet black logo

VM Installation - VMWare ESXi

Home FortiADC Private Cloud VM Installation - VMWare ESXi

Cloud-init using config drive

Cloud-init using config drive

This section describes how to bootstrap a FortiADC-VM in VMware vCenter using config drive. Use this guide if you are deploying VMs on VMware vCenter or standalone ESX and would like to preconfigure the FortiADC-VM so that it boots with a predetermined configuration, and a valid license.

Verify that the config drive functionality is available for your FortiADC-VM version in the release notes. FortiADC-VM supports version 2 of the config-drive capabilities. Cloud-Init config drive was initially created for OpenStack and other cloud environments and is a capability available on the FortiADC-VM even when booting within a VMware vCenter or standalone ESX environment. Config drive also allows the administrator to pass both day zero configuration scripts and FAD-VM licenses to the FortiADC on initial boot.

To pass a config drive to the FortiADC-VM, first you must create a directory structure, and place the license file and configuration script file in the appropriate places. Here is the directory structure you will need:

FortiADC-VM license file

The contents of the FAD-VM license file go into the 0000 file. Generally one would cat the license file and redirect the output into the config-drive/openstack/content/0000 file.

fad-user@ubuntu:/var/tmp$ cat config-drive/openstack/content/0000

-----BEGIN FAD VM LICENSE-----

#-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-# #-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-# #-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-#

-----END FAD VM LICENSE-----

fad-user@ubuntu:/var/tmp$

FortiADC configuration script

The configuration script for a FortiADC-VM uses standard FortiADC CLI syntax. Here is a simple example, where the hostname is Example-Day0 and port1 is configured to use your designated IP address:

fad-user@ubuntu:/var/tmp$ cat config-drive/openstack/latest/user_data

config system global

set hostname Example-Day0

end

config system interface

edit port1

set mode static

set ip 10.106.170.53/24

set allowaccess https ssh ping

end

fad-user@ubuntu:/var/tmp$

Create the Config Drive ISO

  1. Create the config-drive ISO using a utility such as xorriso (other utilities can also be used to create ISOs, such as mkisofs). Using xorriso, this example refers to the config-drive directory created above with the relevant license file and configuration script. Here is an example of creating a config-drive ISO on an Ubuntu host:

    2. xorriso -as mkisofs -V config-2 -o Day0-CFG-Drive.iso config-drive/

    xorriso 1.3.2 : RockRidge filesystem manipulator, libburnia project.

    Drive current: -outdev 'stdio:Day0-CFG-Drive.iso'

    Media current: stdio file, overwriteable

    Media status : is blank

    Media summary: 0 sessions, 0 data blocks, 0 data, 14.3g free

    xorriso : WARNING : -volid text does not comply to ISO 9660 / ECMA 119 rules

    Added to ISO image: directory '/'='/var/tmp/config-drive'

    xorriso : UPDATE : 5 files added in 1 seconds

    xorriso : UPDATE : 5 files added in 1 seconds

    ISO image produced: 185 sectors

    Written to medium : 185 sectors at LBA 0

    Writing to 'stdio:Day0-CFG-Drive.iso' completed successfully.

    ls -l Day0-CFG-Drive.iso

    -rw-rw-r-- 1 fad-user fad-user 378880 Apr 2 13:32 Day0-CFG-Drive.iso

  2. Now that the configuration drive has been created, place the ISO on the data store so that it can be used with FortiADC-VMs.
  3. Deploy the FortiADC-VM using an OVF template.
  4. Once you reach the end of the OVF template deployment Ensure to deselect Power on after deployment if has. This is so we can attach our config-drive ISO as a cdrom device before initial boot.
  5. Edit the virtual machine settings.
  6. Add a new device: CD/DVD drive and Ensure to select Connect at power on.
  7. Attach the Day0-CFG-Drive.iso ISO that you created earlier.

  8. Complete your changes, then navigate to the VM to boot it.

Results and verification

Boot the FortiADC-VM and open the console to verify that the VM is booting and utilizing the license file and day zero configuration file that was provided. Follow these verifications steps:

  1. Power on the VM.
  2. Go to the Console. Verify that you see the Configuration and VM license installed message and the subsequent reload.
  3. Upon completion of the boot sequence, you can verify that the FortiADC-VM hostname changed to ExampleDay0. Also verify that the license file is verified and the license registration status changed to VALID.
  4. After logging in, use the get system status command to verify that the license is upload.
  5. Use the get system interface port1 to verify that port1 is configured.

ESXi cloud init reference

For ESXi the utility xorriso is used on a Linux host to create the ISO used to boot the VM. The directory structure used to create the ISO is described below.

After the ISO is created you must upload it to your datastore of choice and attach it to the FortiADC-VM after deploying the OVF but before booting it up for the first time.

ls -lR config-drive/

config-drive/: total 4

drwxrwxr-x 4 fad-user fad-user 4096 Apr 2 11:59 openstack

config-drive/openstack:

total 8

drwxrwxr-x 2 fad-user fad-user 4096 Apr 2 12:07 content

drwxrwxr-x 2 fad-user fad-user 4096 Apr 2 12:06 latest

config-drive/openstack/content:

total 4

-rw-rw-r-- 1 fad-user fad-user 287 Apr 2 11:00 0000

config-drive/openstack/latest:

total 4

-rw-r--r-- 1 fdc-user fdc-user 172 Apr 2 11:06 user_data

cat config-drive/openstack/content/0000

-----BEGIN FAD VM LICENSE-----

#-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-# #-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-# #-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-#

-----END FAD VM LICENSE-----

cat config-drive/openstack/latest/user_data

config system global

set hostname Example-Day0

end

config system interface

edit port1

set mode static

set ip 10.106.170.53/24

set allowaccess https ssh ping

end

xorriso -as mkisofs -V config-2 -o Day0-CFG-Drive.iso config-drive/

xorriso 1.3.2 : RockRidge filesystem manipulator, libburnia project.

Drive current: -outdev 'stdio:Day0-CFG-Drive.iso' Media current: stdio file, overwriteable

Media status : is blank

Media summary: 0 sessions, 0 data blocks, 0 data, 14.3g free

xorriso : WARNING : -volid text does not comply to ISO 9660 / ECMA 119 rules Added to ISO

image:

directory '/'='/var/tmp/config-drive'

xorriso : UPDATE : 5 files added in 1 seconds xorriso : UPDATE : 5 files added in 1 seconds

ISO

image produced: 185 sectors

Written to medium : 185 sectors at LBA 0

Writing to 'stdio:Day0-CFG-Drive.iso' completed successfully.

ls -l Day0-CFG-Drive.iso

-rw-rw-r-- 1 fad-user fad-user 378880 Apr 2 11:32 Day0-CFG-Drive.iso

Previous
Next

Cloud-init using config drive

This section describes how to bootstrap a FortiADC-VM in VMware vCenter using config drive. Use this guide if you are deploying VMs on VMware vCenter or standalone ESX and would like to preconfigure the FortiADC-VM so that it boots with a predetermined configuration, and a valid license.

Verify that the config drive functionality is available for your FortiADC-VM version in the release notes. FortiADC-VM supports version 2 of the config-drive capabilities. Cloud-Init config drive was initially created for OpenStack and other cloud environments and is a capability available on the FortiADC-VM even when booting within a VMware vCenter or standalone ESX environment. Config drive also allows the administrator to pass both day zero configuration scripts and FAD-VM licenses to the FortiADC on initial boot.

To pass a config drive to the FortiADC-VM, first you must create a directory structure, and place the license file and configuration script file in the appropriate places. Here is the directory structure you will need:

FortiADC-VM license file

The contents of the FAD-VM license file go into the 0000 file. Generally one would cat the license file and redirect the output into the config-drive/openstack/content/0000 file.

fad-user@ubuntu:/var/tmp$ cat config-drive/openstack/content/0000

-----BEGIN FAD VM LICENSE-----

#-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-# #-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-# #-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-#

-----END FAD VM LICENSE-----

fad-user@ubuntu:/var/tmp$

FortiADC configuration script

The configuration script for a FortiADC-VM uses standard FortiADC CLI syntax. Here is a simple example, where the hostname is Example-Day0 and port1 is configured to use your designated IP address:

fad-user@ubuntu:/var/tmp$ cat config-drive/openstack/latest/user_data

config system global

set hostname Example-Day0

end

config system interface

edit port1

set mode static

set ip 10.106.170.53/24

set allowaccess https ssh ping

end

fad-user@ubuntu:/var/tmp$

Create the Config Drive ISO

  1. Create the config-drive ISO using a utility such as xorriso (other utilities can also be used to create ISOs, such as mkisofs). Using xorriso, this example refers to the config-drive directory created above with the relevant license file and configuration script. Here is an example of creating a config-drive ISO on an Ubuntu host:

    2. xorriso -as mkisofs -V config-2 -o Day0-CFG-Drive.iso config-drive/

    xorriso 1.3.2 : RockRidge filesystem manipulator, libburnia project.

    Drive current: -outdev 'stdio:Day0-CFG-Drive.iso'

    Media current: stdio file, overwriteable

    Media status : is blank

    Media summary: 0 sessions, 0 data blocks, 0 data, 14.3g free

    xorriso : WARNING : -volid text does not comply to ISO 9660 / ECMA 119 rules

    Added to ISO image: directory '/'='/var/tmp/config-drive'

    xorriso : UPDATE : 5 files added in 1 seconds

    xorriso : UPDATE : 5 files added in 1 seconds

    ISO image produced: 185 sectors

    Written to medium : 185 sectors at LBA 0

    Writing to 'stdio:Day0-CFG-Drive.iso' completed successfully.

    ls -l Day0-CFG-Drive.iso

    -rw-rw-r-- 1 fad-user fad-user 378880 Apr 2 13:32 Day0-CFG-Drive.iso

  2. Now that the configuration drive has been created, place the ISO on the data store so that it can be used with FortiADC-VMs.
  3. Deploy the FortiADC-VM using an OVF template.
  4. Once you reach the end of the OVF template deployment Ensure to deselect Power on after deployment if has. This is so we can attach our config-drive ISO as a cdrom device before initial boot.
  5. Edit the virtual machine settings.
  6. Add a new device: CD/DVD drive and Ensure to select Connect at power on.
  7. Attach the Day0-CFG-Drive.iso ISO that you created earlier.

  8. Complete your changes, then navigate to the VM to boot it.

Results and verification

Boot the FortiADC-VM and open the console to verify that the VM is booting and utilizing the license file and day zero configuration file that was provided. Follow these verifications steps:

  1. Power on the VM.
  2. Go to the Console. Verify that you see the Configuration and VM license installed message and the subsequent reload.
  3. Upon completion of the boot sequence, you can verify that the FortiADC-VM hostname changed to ExampleDay0. Also verify that the license file is verified and the license registration status changed to VALID.
  4. After logging in, use the get system status command to verify that the license is upload.
  5. Use the get system interface port1 to verify that port1 is configured.

ESXi cloud init reference

For ESXi the utility xorriso is used on a Linux host to create the ISO used to boot the VM. The directory structure used to create the ISO is described below.

After the ISO is created you must upload it to your datastore of choice and attach it to the FortiADC-VM after deploying the OVF but before booting it up for the first time.

ls -lR config-drive/

config-drive/: total 4

drwxrwxr-x 4 fad-user fad-user 4096 Apr 2 11:59 openstack

config-drive/openstack:

total 8

drwxrwxr-x 2 fad-user fad-user 4096 Apr 2 12:07 content

drwxrwxr-x 2 fad-user fad-user 4096 Apr 2 12:06 latest

config-drive/openstack/content:

total 4

-rw-rw-r-- 1 fad-user fad-user 287 Apr 2 11:00 0000

config-drive/openstack/latest:

total 4

-rw-r--r-- 1 fdc-user fdc-user 172 Apr 2 11:06 user_data

cat config-drive/openstack/content/0000

-----BEGIN FAD VM LICENSE-----

#-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-# #-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-# #-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-REDACTED-#

-----END FAD VM LICENSE-----

cat config-drive/openstack/latest/user_data

config system global

set hostname Example-Day0

end

config system interface

edit port1

set mode static

set ip 10.106.170.53/24

set allowaccess https ssh ping

end

xorriso -as mkisofs -V config-2 -o Day0-CFG-Drive.iso config-drive/

xorriso 1.3.2 : RockRidge filesystem manipulator, libburnia project.

Drive current: -outdev 'stdio:Day0-CFG-Drive.iso' Media current: stdio file, overwriteable

Media status : is blank

Media summary: 0 sessions, 0 data blocks, 0 data, 14.3g free

xorriso : WARNING : -volid text does not comply to ISO 9660 / ECMA 119 rules Added to ISO

image:

directory '/'='/var/tmp/config-drive'

xorriso : UPDATE : 5 files added in 1 seconds xorriso : UPDATE : 5 files added in 1 seconds

ISO

image produced: 185 sectors

Written to medium : 185 sectors at LBA 0

Writing to 'stdio:Day0-CFG-Drive.iso' completed successfully.

ls -l Day0-CFG-Drive.iso

-rw-rw-r-- 1 fad-user fad-user 378880 Apr 2 11:32 Day0-CFG-Drive.iso

Previous
Next